DocumentCode
3664568
Title
Research on the Collaborative Analysis Technology for Source Code and Binary Executable Based upon the Unified Defect Mode Set
Author
Xiaobing Liang;Baojiang Cui;Yingjie Lv;Yilun Fu
Author_Institution
Inst. of Metrol., China Electr. Power Res. Inst., Beijing, China
fYear
2015
fDate
7/1/2015 12:00:00 AM
Firstpage
260
Lastpage
264
Abstract
The security defect detection technology based on source code usually makes use of static analysis methods to detect security vulnerabilities in the test software, which does not consider the runtime information of program execution and the interaction information with the program runtime surrounding environment, so the security defect detection technology based on source code usually results in higher false positive rate. The binary program vulnerability detection methods based upon dynamic analysis usually have lower false positive rate, but their effectiveness depends entirely on test case generation, the detection efficiency of dynamic analysis based on binary program is lower. Moreover, the research of source code vulnerability detection technique and binary executable vulnerability detection technique are essentially fragmented, without considering the relationship between the two classes of methods. In order to improve the efficiency for source code and binary executables vulnerability detection, we presents a collaborative analysis method for vulnerability detection of source code and binary executables based upon the unified defect mode set, meanwhile, we verify the effectiveness of our method using a concrete example in this paper.
Keywords
"Security","Binary codes","Software","Buffer overflows","Collaboration","Data mining","Context"
Publisher
ieee
Conference_Titel
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on
Type
conf
DOI
10.1109/IMIS.2015.40
Filename
7284957
Link To Document